Several Vulnerabilities Discovered in Vmware Products
According to computer security company iDefense, several security flaws have been discovered in various VMware products. These flaws could potentially be exploited by both local and remote attackers to bypass security, compromise a vulnerable PC and launch denial of service attack.
The first flaw could allow attacker to inject an arbitrary program into any virtual environment while the VMware program asks to indicate the directory containing shared library applications. The vmware-authd function of the software gives the attacker root privilege to conduct this transaction. The products containing this flaw include VMware GSX Server Version 188.8.131.5297 for Linux, VMware Workstation Version 184.108.40.206824 for Linux, and VMware ESX Server 220.127.116.11039.
VMware has, however, patched ...
» SPAMfighter News - 17-06-2008